Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

vim: CVE-2022-4141

Related Vulnerabilities: CVE-2022-4141   CVE-2022-4292  

Source

Debian Bug report logs - #1027146
vim: CVE-2022-4141

version graph

Package: src:vim; Maintainer for src:vim is Debian Vim Maintainers <team+vim@tracker.debian.org>;

Reported by: Moritz Mühlenhoff <jmm@inutil.org>

Date: Wed, 28 Dec 2022 16:42:02 UTC

Severity: important

Tags: security, upstream

Found in version vim/2:9.0.0813-1

Fixed in version vim/2:9.0.1000-1

Done: James McCoy <jamessan@debian.org>

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian Vim Maintainers <team+vim@tracker.debian.org>:
Bug#1027146; Package src:vim. (Wed, 28 Dec 2022 16:42:04 GMT) (full text, mbox, link).

Acknowledgement sent to Moritz Mühlenhoff <jmm@inutil.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian Vim Maintainers <team+vim@tracker.debian.org>. (Wed, 28 Dec 2022 16:42:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Moritz Mühlenhoff <jmm@inutil.org>
To: submit@bugs.debian.org
Subject: vim: CVE-2022-4141
Date: Wed, 28 Dec 2022 17:39:04 +0100
Source: vim
X-Debbugs-CC: team@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for vim.

CVE-2022-4141[0]:
| Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing
| an attacker to CTRL-W gf in the expression used in the RHS of the
| substitute command.

https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f
https://github.com/vim/vim/commit/cc762a48d42b579fb7bdec2c614636b830342dd5 (v9.0.0947)

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-4141
    https://www.cve.org/CVERecord?id=CVE-2022-4141

Please adjust the affected versions in the BTS as needed.

Reply sent to James McCoy <jamessan@debian.org>:
You have taken responsibility. (Wed, 28 Dec 2022 17:42:06 GMT) (full text, mbox, link).

Notification sent to Moritz Mühlenhoff <jmm@inutil.org>:
Bug acknowledged by developer. (Wed, 28 Dec 2022 17:42:06 GMT) (full text, mbox, link).

Message #10 received at 1027146-close@bugs.debian.org (full text, mbox, reply):

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: 1027146-close@bugs.debian.org
Subject: Bug#1027146: fixed in vim 2:9.0.1000-1
Date: Wed, 28 Dec 2022 17:39:58 +0000
Source: vim
Source-Version: 2:9.0.1000-1
Done: James McCoy <jamessan@debian.org>

We believe that the bug you reported is fixed in the latest version of
vim, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1027146@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
James McCoy <jamessan@debian.org> (supplier of updated vim package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 28 Dec 2022 11:51:10 -0500
Source: vim
Architecture: source
Version: 2:9.0.1000-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Vim Maintainers <team+vim@tracker.debian.org>
Changed-By: James McCoy <jamessan@debian.org>
Closes: 1027146
Changes:
 vim (2:9.0.1000-1) unstable; urgency=medium
 .
   * Merge upstream patch v9.0.1000
     + Security fixes
       - 9.0.0882: using freed memory after SpellFileMissing autocmd uses
         bwipe, CVE-2022-4292
       - 9.0.0947: invalid memory access in substitute with function that goes
         to another file (Closes: #1027146, CVE-2022-4141)
   * Backport v9.0.1087 to fix test_autocmd flakiness
Checksums-Sha1:
 bcb4bef7232a59209a426e19607bec3d10a42ea1 3168 vim_9.0.1000-1.dsc
 a041828ee50468bb632f2eec2de4c0ef43339cf1 11016004 vim_9.0.1000.orig.tar.xz
 5d3cc09ee6ec15d920961e5b9a5f8b03cd97966c 171456 vim_9.0.1000-1.debian.tar.xz
Checksums-Sha256:
 cf7981cf974c59622f18a5f18e5cf851b503a245157d038300672383fab060c6 3168 vim_9.0.1000-1.dsc
 7cad71aa4285f827ea324dbb2453ed88ecb228fe10f258683f78560aa42f6743 11016004 vim_9.0.1000.orig.tar.xz
 c0eea5a7c83e99223f956053363b6a22569f66c23df00406202d6eaa2a527c66 171456 vim_9.0.1000-1.debian.tar.xz
Files:
 a78f72e752f8f46326cc5d50cac9f7e0 3168 editors optional vim_9.0.1000-1.dsc
 7e7a50315bb8e7b2bc7b83dd7304091c 11016004 editors optional vim_9.0.1000.orig.tar.xz
 770500c2f7273150f2debffe2c2f7c87 171456 editors optional vim_9.0.1000-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKoBAEBCgCSFiEEkb+/TWlWvV33ty0j3+aRrjMbo9sFAmOsdchfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDkx
QkZCRjRENjk1NkJENURGN0I3MkQyM0RGRTY5MUFFMzMxQkEzREIUHGphbWVzc2Fu
QGRlYmlhbi5vcmcACgkQ3+aRrjMbo9s2CxAAqJUqFee8IfOVjK3fsmDXFzf8u1Pz
/wkm4+CUT6hYarwyChecQYvmGR+ELL0P3JSJNntKUBVUt1b4hm0fy+/7MbPnFHn7
YbWAMvZdI2DSDxpja7HNEWEc05x3q0JFE5qfcpJnb+XMPwhfBwf6blZ/SxBkkiIb
MwfbzyolXrUeXvDTbSXbvzDzYtCCveWQYkArTDDZPNyaA/NHpWUTAYwwd99SrW30
NOqnagrvbe1C5FWq8KxNbSX+ZZZl5m7WL1qRQs9r8YTGRDdX74W70tmHen8qhtS/
ozTwWnXazt0rekXVye+aFG1adrIF+4wLj6VpwOlGH36fEf6TIUUvcidXhLeYH9Gt
EJdQBcKc7cV6MylSwfzshrJHMR8YW+kUmrzFtSXavcwXlAZ2ImkSy9ApJbiueIvq
NDQHo0ANQjUGjn1VENEBvSpFRFyX8f174A1VjOX+6kcEIouur3ILnlhZuUqHKBmE
SguraGFa6hNqFzFN2KBq7bIZlSimRs2J486bxmgXaRhvxDWZHhg3LtV7LnRv0IcI
oe3dS/CTbsDf2cnC2u1t3epYn1Hsw9atK8snBEQDCPHdgzPBE3NjsNYYxtXwu/CC
FXzsFBJMlyYM3pC9i9dmo4olcus0B5Vb5bqGGXlLxTqFwPhlJtjF7t0ViWRbTAgp
TdYqknoVXMBjP80=
=GnEb
-----END PGP SIGNATURE-----

Added tag(s) upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 28 Dec 2022 19:45:04 GMT) (full text, mbox, link).

Marked as found in versions vim/2:9.0.0813-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 28 Dec 2022 19:45:05 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Dec 29 16:36:48 2022; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started